<!--
	o   We should consider this page If we realize we need more in-depth appointment management options
-->

<h1>Appointment Detail Page</h1>

<?php
$USRID = $_SESSION['USRID'];
if(isset($_POST['confirm']))
{
	$UAPID = $_POST['uapid'];
	if($_POST['confirm']=='yes')
	{
		$sql = "UPDATE APPOINTMENTS SET CONFIRMED = TRUE WHERE UAPID = $UAPID";
		$confDen = "Confirmed";
	}
	else
	{
		$sql = "DELETE FROM APPOINTMENTS WHERE UAPID = $UAPID";
		$confDen = "Denied";
	}
	include('connect.php');
	$result = mysql_query($sql);
	include('disconnect.php');
	if(!$result) die("<br />ERROR535 on:<br/><pre>$sql<pre><br />SQL Command Error: " . mysql_error());
	echo "Appointment $confDen.</br><a href='?page=appointment-list'>Back</a>";
}
elseif (isset($_GET['uapid']))
{
	$UAPID = $_GET['uapid'];
	$sql = "SELECT * FROM APPOINTMENTS, USERS WHERE UAPID = $UAPID AND USRID_REQUEST=USRID";

	include('connect.php');
	$result = mysql_query($sql);
	include('disconnect.php');
	if(!$result) die("<br />ERROR535 on:<br/><pre>$sql<pre><br />SQL Command Error: " . mysql_error());

	if (mysql_result($result, 0, "USRID_ACCEPT") == $USRID)
	{
		$NAME = mysql_result($result, 0, "NAME");
		$UNFORMATEDDATE = strtotime(mysql_result($result, 0, "APPOINT_DATE"));
		$DATE = date('l \t\h\e jS \o\f F,Y',$UNFORMATEDDATE);
echo <<<_END
		<p>$NAME would like to set up an appointment on the following date: 
		<br/><pre>$DATE</pre>
		<br/>Please confirm.</p>
		<table><tr><td>
		<form action="?page=appointment-detail" method="post">
		<input type="hidden" name="uapid" value="$UAPID"/>
		<input type="hidden" name="confirm" value="yes"/>
		<input type="submit" value="Yes"/>
		</form></td><td>
		<form action="?page=appointment-detail" method="post">
		<input type="hidden" name="uapid" value="$UAPID"/>
		<input type="hidden" name="confirm" value="no"/>
		<input type="submit" value="No"/>
		</form>
		</td></tr></table>
_END;
	}
}
?>
